The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...
Hosted on MSN

The growing threat of device code phishing and how to defend against It

Just as we think we’re getting one step ahead of cybercriminals, they find a new way to evade our defenses. The latest method causing trouble for security teams is that of device code phishing, a ...
Bleeping Computer

Hackers target Microsoft Entra accounts in device code vishing attacks

After you enter the code and authenticate, the device is automatically linked to your account without ever handling your password directly. To conduct a device-code phishing attack, threat actors need ...
Android Authority

Google could soon expand the Find My Device network with more automatic enrollments (APK teardown)

Google may introduce more automatic enrollments for its Find My Device network. Location access and device location syncing could trigger automatic enrollment. Strings also suggest that Google would ...
9to5google

Hands-on: Pebblebee’s Android Find My Device trackers include chargers and accessories

We’ve got our hands on the biggest set of trackers for Android’s Find My Device network from Pebblebee, and unlike others, they include chargers and accessories right in the box. What’s in the box ...